LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: [lvs-users] Port mapping with LVS-DR using fwmark

from [Julian Anastasov] [Permanent Link]
To: Jacoby Hickerson <hickersonjl@xxxxxxxxx>
Subject: Re: [lvs-users] Port mapping with LVS-DR using fwmark
Cc: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Julian Anastasov <ja@xxxxxx>
Date: Sat, 25 Jan 2014 16:25:50 +0200 (EET) 
        Hello,

On Thu, 23 Jan 2014, Jacoby Hickerson wrote:

> Just to clarify the packets are going to the loopback of node 1, when they
> should be going to node 2.  This is shown in the tcpdump output:Here is the
> output from the lo device of the first node:
> 02:10:51.987030 IP 172.17.0.2.54276 > 172.17.0.16.50000: Flags [.], ack
> 2970678458, win 115, options [nop,nop,TS val 3044575793 ecr 978483], length
> 0
> 02:10:51.987079 IP 172.17.0.2.54276 > 172.17.0.16.50000: Flags [P.], seq
> 0:173, ack 1, win 115, options [nop,nop,TS val 3044575793 ecr 978483],
> length 173
> 02:10:51.987426 IP 172.17.0.2.54276 > 172.17.0.16.50000: Flags [.], ack 2,
> win 115, options [nop,nop,TS val 3044575793 ecr 978484], length 0
> 02:10:51.987480 IP 172.17.0.2.54276 > 172.17.0.16.50000: Flags [F.], seq
> 173, ack 2, win 115, options [nop,nop,TS val 3044575793 ecr 978484], length
> 0

...

> Packets are being sent from the RIP of the first node only.  From my
> understanding when using DR OutPkts should always be zero.

        When LocalNode (local RIP) is used, we can see
the local reply in LOCAL_OUT hook. It happens for NAT but
also for DR. So, it is normal. But we see these replies
after DNAT in LOCAL_OUT, see ip_vs_ops[] for reference.

> The end result is that the packets are always coming from the first
> node and never balanced to the second node.
> 
> Thanks for any further help, seems the solution is really close!

        Can you provide more understandable description
for the test, for example:

- client box:
IP1: X.X.X.X/N dev DEV
IP2: ...

- director:
IP1: ...
VIP: XXX
are client and director same box

- real server:
IP1: ...

        iptable rules used. By this way I can try to
duplicate the problem. Now I see some IPs in tcpdump
output but I'm not sure what kind of traffic is shown,
where is started the tcpdump, on what box, on what
interface, external, internal...

Regards

--
Julian Anastasov <ja@xxxxxx>
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
or go to http://lists.graemef.net/mailman/listinfo/lvs-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [lvs-users] Port mapping with LVS-DR using fwmark, Jacoby Hickerson
Next by Date:  [lvs-users] prasunb25@xxxxxxxxx has been waiting for 6 days. Accept?, prasunb25
Previous by Thread:  Re: [lvs-users] Port mapping with LVS-DR using fwmark, Jacoby Hickerson
Next by Thread:  Re: [lvs-users] Port mapping with LVS-DR using fwmark, Jacoby Hickerson
Indexes:  [Date] [Thread] [Top] [All Lists]